Archive

Full Disclosure: Although I work at McAfee Labs as an Anti-Malware Researcher, the views expressed here are entirely my own. No company resources or intellectual property were used to research or write this blog post.
TL;DR : Please don’t sue me.

A few days ago, I clicked on a link shared by a friend of mine on Facebook that was hosted on storypick[dot]com. I was using my Android phone and let Chrome open the page for me. Before I could read the contents of the page, I got a pop-up that looked like this:

This was the first time I had seen an intrusive ad on Android. (Also the first time I used Chrome on Android, usually I use Opera with a Desktop User Agent by default so I may have been living under a rock all this time)

I decided to click OK to see what I got.

7 serious viruses? Oh no, I must do something about it at once. *clicks OK*

Advice taken. The last thing I need is complete failure. *clicks OK*

To my surprise, I was redirected to Clean Master by KS Mobile, a very popular app with more than a 100 million users. I’ve been using it on all my older Android devices for as long as I can remember.

WTF? Why was I redirected to this app through such a shady ad? Did I unknowingly install malware on my older devices? Was I misleading my friends by recommending malware all this time? Were a 100 million people duped into thinking that they have a clean app installed?

What’s even worse is that the app’s description has the cheek to claim that TrustGo (developers of a mobile security product) screwed up by flagging them for “potentially pushing unwanted ads” and were certain that it’s a false positive.

I’m sorry KS Mobile, but I’m with TrustGo on this one if they encountered a similar ad to what I was shown.

I decided to dig a little deeper by reverse engineering the Clean Master APK. Fortunately (or unfortunately, depending on how you look at it), I only found the usual code artifacts found in ad-supported apps (such as sending a little information about the device, how the app was used to KS Mobile servers and/or their ad partners). Nothing major. In fact, the code for their main application was well written and it was clear that the developers of Clean Master put in a lot of thought and effort into their product. But why would they resort to using a FakeAV themed advertisement to get people to install their app?

A day later, the Clean Master Page removed the false positive message so I decided to visit that page again on my phone, but this time I was armed with a packet sniffer to see what was really going on. It turned out that I got a similar ad without the FakeAV elements.

Although it now looks like Google’s DoubleClick ad network served the ad, it was a redirect by the original AdNexus network as we can see from the network logs.

The response content contained packed JavaScript which unpacks to the following (along with other JS+HTML code needed to display the ad):

I wish I had a packet capture log of the original ad so I could compare what had really changed but as I didn’t, I was satisfied at this point and closed my investigation.

I can only speculate as I did not contact TrustGo or KS Mobile, but it looks like they were asked by TrustGo to replace the FakeAV themed ad with something else.

Whatever the case, I think this strategy is really dangerous. I can only wonder if there were regular users who got the same ad as I did, installed Clean Master and were happy with the app. The next time they receive a similar FakeAV themed ad on their phone or computer, I wouldn’t blame them if they clicked on it and installed whatever they were asked to install as they got tremendous value out of an ad the last time they clicked on it. The next time however, they could have their devices infected and wouldn’t even know it.

I wish I knew who served the original ad and who’s to blame, but I don’t have enough evidence to support such conclusions. What is clear though, is that contrary to KS Mobile’s claim, the “potentially unwanted ads” were not false positives at all.

Even though there is a very realistic chance that a third-party attacker set up the ad so that future malicious ads could get higher click rates, I’ve decided to never use KS Mobile’s apps and stop recommending it to others until they publish more details as to what really happened. I am not satisfied with their “it’s a false positive” response.

A couple of weeks ago I was looking to buy a pair of good noise-cancelling Bluetooth headphones and I stumbled across two new models from Sennheiser which were announced at CES 2011, namely the MM 550 and PXC 360 BT. I don’t like using a headset to answer phone calls, so spending more for the MM 550 was out of the question. Unfortunately, I felt like I was taking a gamble with the PXC 360 BT as I could barely find any reviews for the 360 which is somewhat understandable as it’s a new (and expensive) model. I hope this brief review helps others who are considering buying the PXC 360 BT.

Box Contents:

PXC 360 BT Headphones (with Rechargeable Li polymer Battery)

Single-sided 3.5mm audio cable

3.5 mm double mono adapter (inflight adapter)

6.3 mm audio adapter

USB Charging Cable

Multi-Country Travel Adapters

Carrying Case

The CD included in the package contains a pdf version of the user manual in various languages.

Design:

The 360 comes with a metal reinforced extendible headband and looks quite sturdy. The soft, leather padded ear cups are foldable to a full 90 degrees and fit snugly inside the carrying case. The PXC 360 BT weighs about 180 grams and is a little heavier than it looks. However, they are comfortable to wear, even for long durations. The battery is located on the left ear cup and is removable/replaceable. The right ear cup holds all the controls as well as the audio jack. The buttons for toggling Active Noise Cancelling (ANC) and Bluetooth are located at the bottom of the right ear cup while that for SRS-WOW HD is located under the “reduce volume” button. The controls are intuitive but take a while to get used to. The button at the center controls Play/Pause as well as the master control to turn the headphones on and off. The ANC button controls TalkThrough and ANC. There’s also a Braille symbol for ‘L’ embossed on top of the left ear cup.

Sound:

Quite frankly, to fully appreciate the sound quality of the PXC 360 BT, you’ll need an external sound card or a headphone amplifier as the integrated sound card on your PC or notebook is probably not good enough to exploit the 360. The 360 reproduces music really well. All my previous headphones used to sound like they passed all the audio through a static equalizer before passing it to the ear cups, so I’m glad I can finally hear music the way it is. Although it does a really good job at reproducing the mids and highs, what really caught my attention was the quality of bass. It’ll knock your socks off. I mostly listen to hard rock and heavy metal where good bass is a necessity and the 360 doesn’t fail to deliver. For a regular user, I would say that the maximum volume is adequate. I wish I could turn it up a little higher but to be fair, being a “metalhead” I’m not satisfied unless there are two amplifiers blowing music into my ear. As the ear cups cover the ears, it reduces a significant amount of background noise (passive noise cancelling) so everything is audible even on low volume.

I couldn’t make out any difference in audio quality when played via Bluetooth or the wired cable. I even tried comparing FLAC files (bit rates ranging from approx. 760 Kbps to 1100 Kbps) but I couldn’t notice any difference. The 360 even supports apt-X, but I don’t have any apt-X enabled device so I couldn’t test it. I’ve heard it sounds much better over apt-X.

Bluetooth:

I own two phones (Samsung Captivate and Nokia N82) and the 360 paired with both of them in the first attempt. Unlike my previous headphones which would occasionally lose the audio signal in short bursts, in the two weeks that I’ve used the 360, it hasn’t lost the signal even once. The PXC 360 BT supports Bluetooth 2.1 + EDR along with A2DP and AVRCP profiles which permit fast-forward and rewind playback options as well. Bluetooth range isn’t an issue as I was able to receive an uninterrupted feed even when my phone was approx. 30 feet (with no obstructions) and 20 feet (with a wall in between) away. I didn’t face any interference issues from Wi-Fi signals nearby.

Active-Noise Cancellation:

The manual claims that the 360 can reduce background sound by up to 90%. Although I couldn’t “feel” the 90% decrease, it does a remarkable job at reducing low-frequency sounds. I use these headphones while biking and it manages to completely cancel out the sound of wind as it gushes past me as well as partially cancel out the sound of cars as they pass by. I haven’t had the opportunity to test it in-flight but since it cancels out all the engine sounds and humming noise from traffic and the exhaust fan at home, it should work in-flight as well. Unfortunately, using ANC comes at the cost of a lower bass output so use it wisely.

SRS-WOW HD:

SRS-WOW HD is the most useless feature ever as it makes music sound hollow. Only a few songs sound decent with SRS-WOW enabled but you’re probably better off without it. I don’t use this feature at all.

Talk-Through:

I like this feature a lot. It basically lets you hear what’s going on outside without having to take off your headphones. There are microphones at the rear end of each ear cup that capture the sound from outside and feed it to the ear cups when Talk-Through is enabled. There is a slight delay but it’s barely noticeable so it’s not an issue.

Operating Time:

I was able to achieve operating times close to what’s mentioned in the manual, which are listed as follows:

Wired + ANC Enabled : 20 hours

Bluetooth Enabled : 10 hours

Bluetooth + ANC Enabled : 8 hours

Verdict:

Pros:

Sturdy Design, Comfortable to wear

Wired + Bluetooth option

Great Sound Reproduction (esp. Bass)

Active Noise Cancellation works great

Talk-Through

Replaceable Battery

2 years warranty

Cons:

Outrageously Expensive

Max. Volume could have been louder

Conclusion:

Overall, I’m very happy with these headphones. I like having the option to choose between wired and Bluetooth and active noise cancellation only makes it better. I’m also glad that I can use the PXC 360 BT as wired headphones even without the battery. I’d recommend it to anyone who’s always on the move. The Sennheiser PXC 360 BT retails for $589.95 but is available on Amazon.com for $329.99, which is still ridiculously over-priced in my opinion.

The awareness of using strong passwords has significantly improved over the last few years thanks to the efforts taken by many security organizations and websites. Even a layman today knows that it’s important to have a strong password to thwart hacking attempts.

Unfortunately, these organizations and websites fail to mention that security of a member’s account is the responsibility of the user AND the organization that stores the password. As a result, whenever hundreds to thousands of passwords are stolen by hackers, some website managers find it convenient to blame the users for the password theft. Although mass password thefts are generally caused by phishing (in which case the user is at fault), a small percentage of it is caused by stealing or hacking the website database. Sometimes, organizations release member information to third-party companies or partner websites, which is fine as long as they take certain safety measures. As you can imagine, not everyone does this which means that the host website is also a potential point of failure.

I shall explain by providing a couple of examples and shall conclude with a test procedure that you can use to detect if a website is storing your passwords securely.

Please note that this article is only concerned with password storage and ignores security measures and breaches due to other factors.

Eg1 : Plain, Simple and Visible

This technique stores all data in plaintext. Hence, all the passwords and data are visible to anyone who has access to the database table. You don’t even need to hack the database to gain access to such information. Some employees of the organization storing this data have access to the database legally and can steal passwords if they wish. Although it’s fairly obvious that storing data in plaintext is asking for trouble, it’s popular among students and other people due to the ease of implementation.

Areas where this technique is prevalent:

Web applications written by students.

Websites belonging to Small and Medium Businesses (SMB).

Websites of startups. (Hardly any startups do this anymore which is a good sign)

Eg2 : Secure Passwords, Open Data

Passwords, in this case, are stored as a computed one-way hash. This prevents them from being reversed into their original form and in essence, protects the password from being recovered in the event of a security breach. Employees who have genuine access to the database can view your data but have no idea about your password. This is desirable in certain situations where member information needs to be visible to the employees as the password remains a secret known only to the member.

Areas where this technique is prevalent:

Web applications written by (smarter) students.

Startups and other SMBs.

Online Forums.

Eg3: Secure Data and Passwords

In this case, only the primary key is left unencrypted while every other field is encrypted using a reasonably long key. This makes locating entries in the database easy and protects the user’s information. Partner websites do not have direct access to the data and instead use intermediate accessor-functions to access data. A database hack would still protect user information unlike the previous methods.

There are several variations that are more secure which employ various techniques such as:

Encrypt everything and use lookup tables with hashes to access data.

Distribute data across multiple databases.

Distribute data across multiple databases that use different encryption schemes.

…many many more which are far more complex and more secure by several degrees…

Areas where this technique is prevalent:

Banks

e-commerce Websites

Government and Military Organizations

Aside from these techniques, there’s an interesting myth on which I’d like to throw some light.

Websites that use HTTPS

A website that uses HTTPS (SSL/TLS) only guarantees that data transmitted between the user and the website cannot be intercepted by eavesdropping attacks. It says nothing about how the data is stored on the server. Hence, data stored on a website that uses HTTPS is still insecure if it employs the storage method described in Eg1.

How to Find Out If a Website Stores Your Password in Plaintext?

Follow these simple steps to find out if a website hashes your password or not.

Register as a new member on the website in question. If you already have an account, skip this step.

Click ‘Forgot Password’ on the login page of the website.

Follow the instructions to recover your password. (usually you would enter your email address or answer your secret question depending on the website)

If your old password is revealed on screen or in the ‘password recovery’ email, the password is stored in plain-text, which means your password can be stolen in the event of a server-side security breach.

If you are asked to click a ‘Password Reset’ link or enter a new password directly (this is website-dependent), the website stores your password as a hashed value and your password is safe from being stolen if the website gets hacked. (In this case, your old password can’t be shown to you because a hashed value cannot be converted into its original form)
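The difference between Eg1 and Eg2, and why the ‘Forgot Password’ test tells them apart, shown as an added example that is not part of the original post. The class names, the PBKDF2 iteration count and the sample credentials are assumptions made for illustration; the salted, deliberately slow hash goes a step beyond the plain hash the article describes.

```python
import hashlib
import hmac
import secrets

# Assumed work factor for this example; tune it for your own hardware.
PBKDF2_ITERATIONS = 100_000


class PlaintextStore:
    """Eg1: the password itself sits in the table."""

    def __init__(self):
        self.rows = {}  # username -> password

    def register(self, user, password):
        self.rows[user] = password

    def verify(self, user, password):
        stored = self.rows.get(user)
        if stored is None:
            return False
        return hmac.compare_digest(stored.encode(), password.encode())

    def forgot_password(self, user):
        # The site is able to send the old password back: the tell-tale sign.
        return {"old_password": self.rows[user]}


class HashedStore:
    """Eg2: only a per-user salt and a one-way digest are stored."""

    def __init__(self):
        self.rows = {}          # username -> (salt, digest)
        self.reset_tokens = {}  # token -> username

    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode(), salt, PBKDF2_ITERATIONS
        )

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self.rows[user] = (salt, self._digest(password, salt))

    def verify(self, user, password):
        if user not in self.rows:
            return False
        salt, stored = self.rows[user]
        # Re-hash the attempt with the stored salt, compare in constant time.
        return hmac.compare_digest(stored, self._digest(password, salt))

    def forgot_password(self, user):
        # There is no password to reveal, so issue a reset token instead.
        token = secrets.token_urlsafe(32)
        self.reset_tokens[token] = user
        return {"reset_token": token}

    def reset(self, token, new_password):
        user = self.reset_tokens.pop(token, None)  # token is single use
        if user is None:
            return False
        self.register(user, new_password)
        return True


def leaked_passwords(store):
    """Passwords readable by anyone who can read the table.

    Plaintext rows are strings; hashed rows are (salt, digest) tuples
    and expose no password directly.
    """
    return [row for row in store.rows.values() if isinstance(row, str)]


if __name__ == "__main__":
    for store in (PlaintextStore(), HashedStore()):
        store.register("alice", "S3cret!pass")  # constructed sample account
        print(type(store).__name__,
              sorted(store.forgot_password("alice")),
              leaked_passwords(store))
```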

I hope this article has helped you realize that having a strong password is pointless if the website that you use it for stores it in plaintext.

Update: rootkit.com got hacked on March 3rd, 2011 (see here and here) and had all its users’ account passwords stolen since all the user passwords were stored in plaintext. It’s disappointing that someone as accomplished as Greg Hoglund (whose book on Rootkits still remains one of my favourites) used passwords stored as plaintext on his website. A security firm headed by a security researcher making such a basic mistake is simply unforgivable. I hope you won’t make the same mistake.
Update: Microsoft India got hacked on February 12th, 2012 and had all user account passwords stolen (see here) because they were stored in plaintext. One would think that at least Microsoft would know how to store passwords. Sigh.

ATI was quick enough to release Windows 7 drivers for higher-end cards which you can download here but if you try to install the setup with an older graphics card (such as an ATI Radeon Xpress 1150), the setup fails to install because the graphics card is not supported. I wasn’t surprised, as my graphics card wasn’t mentioned in the release notes of the Windows 7 drivers but I tried installing the Vista equivalent (Catalyst version 9.3) hoping that would work, which unfortunately didn’t.

Without these drivers, you can’t load screensavers, use Aero or use taskbar previews and the display appears slightly blurred.

I found a solution by using an older driver (so old that it isn’t even mentioned on ATI’s Older Releases page) and although the Catalyst software didn’t work, the display driver works fine and I can use Aero, view taskbar previews and pretty much do everything else.

You will need to download ATI Catalyst Driver version 7.11 for your card to work properly with Windows 7 which you can download here for the 32-bit version or here for the 64-bit one. Although the drivers are for Vista, they will work for Windows 7 as well. I haven’t been successful running a higher version of ATI’s drivers, so let me know if you’ve succeeded running a higher version.

Windows 7 RC boots faster and even runs slightly better than Windows XP and I haven’t had problems with application compatibility so far and I advise you all to give it a try.

I was forced to reinstall Windows 7 RC for irrelevant reasons, and this time Windows 7 automatically downloaded the driver for the Radeon Xpress 1150 Card after the OS setup was complete.

The update appears as a recommended download in Windows update and although it states that the driver publish date is 27th April 2009, the actual driver is version 8.421.000 and was released in September 2007. The driver installed by ATI’s 8.12 Catalyst setup is version 8.561.000 which was released in December 2008.

Win Update

Driver Details

Games work perfectly fine and so does Aero and Aero Peek although I personally feel that games ran noticeably faster with the v8.12 driver. Also, the pre-startup screen logo animation is not displayed with the default driver that Windows installs.

Still, I recommend updating the driver to version 8.12.

I haven’t had the opportunity to try this on the retail version of Windows 7 yet, but I’ll update this post as soon as I do.

Update 3:

If you use DriverMax, it suggests a newer driver for the ATI Radeon Xpress 1150 having version 8.593.100.0 released on 27th April 2009. I guess this was the driver that Microsoft intended to bundle with its Windows update (read Update 2) so I went ahead and installed it.

The driver worked fine until I started a couple of games, which is when I noticed that this driver cannot resize the screen to a lower resolution. What it does instead is reduce the resolution of the game instead of the screen. For example, I chose 800×600 resolution for a game and instead of resizing the screen, the driver maintained the usual 1280×800 resolution for the screen and reduced the game to 800×600 resulting in the game taking up only a small portion of the screen.

After uninstalling the driver and reverting to the previous one, everything was back to normal. Moral of the story: DO NOT install version 8.593.100.0 !!!

Some of you might already know that some KDE Applications have been supported on Windows and MacOS after version 4.0.

I wanted to install Umbrello on my Windows XP Machine and I consulted the documentation to learn more about the installation process. KDE is nice enough to provide an installer for Windows but it’s terribly slow since all the packages are downloaded using a single thread which will take you at least 3 times longer than if you had downloaded the individual packages manually with a download manager application.

I tried searching for help online, but there isn’t any useful information on how to go about doing this, so I’ve decided to write one.

Anyway, I decided to download all the packages manually and use the installer to unpack them into a single directory. Unfortunately, the KDE Website doesn’t mention which packages Umbrello needs so I had to use the installer and its log dumps to figure out which URLs it was drawing the packages from.

To use Umbrello on Windows, you can either download the KDE libraries and source code and compile it yourself using Visual C++ 2005 or MinGW, or you can download the precompiled binaries and libraries and use them directly. To be honest, there’s no point in compiling KDE yourself since the source code files are as large as the precompiled binaries so you’re better off downloading the binaries.

Umbrello is present in the kdesdk package which is about 5.3MB and you need to download additional libraries as well along with the kdesdk package. The installer only mentions 32 packages in the package dependencies list but there are actually 35 of them (don’t worry though, the installer installs all 35 if you choose to download the packages automatically)

The installer needs the MD5 hash of every package you want to install so make sure you have them too. After you have downloaded all the package files, place them in a temporary directory and start the Installer. Then choose to Download and Install from the Internet. (Although the install from Local Directory option exists, it didn’t work for me)

After that choose the directory where you placed all your packages in the temporary directory selection screen and choose the kdesdk Package for download. Click past the package dependencies page to install KDE.

If you downloaded all the 35 packages correctly (1 package = binary + binary.md5 + libraryArchive + libraryArchive.md5) then the installer will skip directly to installation and it will install KDE on your computer. If not, it will download the missing packages and install it once it is complete.

That’s it! KDE is installed and you can run Umbrello from the Start Menu Shortcuts or from the bin folder in the KDE directory (C:\Program Files\KDE by default)

That was the gist of what you need to do to be able to run Umbrello on Windows. Now for step-by-step instructions.

1) Download the KDE Mirror List from here. If the link is dead you can choose one of the mirror sites from here:

Choose any of the websites given above although you should preferably choose a website which is closer to your location for faster download speeds. Most of these websites allow directory listings, so you should be able to see a list of directories on the website.

2) Navigate to stable -> 4.2.1 -> win32. You will now be able to see all the KDE packages in this directory. You don’t need all of them so don’t download them all. You need to download 143 files which are listed below:

3) Place all these files in a single directory. Now start the Installer and choose Install From Internet.

4) Click Next and choose the End User Install Mode.

5) In the next screen you will need to enter a Download Path. Choose the directory where you stored all the downloaded packages and click Next.

6) The next screen displays all the KDE releases which are available for download. As of writing, the latest KDE version is 4.2.1 stable but choose a newer version if it is available. If a newer version is available, ensure that you are downloading the correct packages.

7) In the next screen you will need to select KDE packages which you wish to install. Since we only want Umbrello, check the kdesdk-msvc Package but you can add any other package that catches your fancy but keep in mind that the extra packages that you’ve selected might need other packages as well. To be honest, you don’t need to worry so much. The installer will automatically download the required packages, although it will take a lot longer than if you do it manually. Click Next.

8) If you’ve done everything correctly, the installer should jump directly to the installation part and the installer window should look something like this:

If not, there’s no need to worry. The installer will download the other packages for you and then start the installation process.

9) You’ve successfully installed KDE on your computer. If the installation is successful you should see a screen like this:

Now all you have to do is navigate to KDE 2.4.1 Release -> Development from the Start Menu and click on Umbrello. Alternatively, double-click on the Umbrello icon in the <KDE_Install_Directory>\bin folder.

Umbrello should now start.

Enjoy!

Note: Umbrello on Windows has many bugs and crashes when you right click and select the export to image option. If you use the Main Menu, you can export the diagrams as images and it won’t crash. It might also crash while closing Umbrello. KDE for Windows is still a work in progress and they’ll fix these bugs in future versions so keep checking for newer, stable releases.

Last week I bought a Maxtor Basics 1 TB Hard Disk online as my 500 GB Western Digital MyBook Essential HDD was out of free space.

The Hard Disk was available for Rs. 5890 on Ebay and I had a 5% off voucher which reduced the final price to Rs. 5500 which is about 200-300 bucks cheaper than the street price in Mumbai, so it was a good steal which didn’t even require me to move from my chair.

Since I already have a WD MyBook Essential 500 GB hard disk, I couldn’t help but compare the two.

Box Contents:

The Box contains the Hard Disk, a USB Cable, Power Adapter, 3 detachable plugs, a Quick Start guide and a 3 year warranty card.

The only way you can connect the Hard Disk to a computer is by using a mini-USB cable. It supports USB 2.0 and offers up to 480 MBps which is decent. The spindle spins at 7200 RPM and I was even able to play OpenArena straight from the hard disk without any lags.

Although many people complain the disk is very noisy, mine is very silent.

The Hard disk is already formatted in NTFS and the actual free space available is 931 GB. Even when the disk is empty, Windows reports that 93.5 MB is being used and that doesn’t disappear even after a complete format.

Build Quality:

Unlike the MyBook Essential which has surplus holes to dissipate heat, the Maxtor disk just has a few gaps at the top-left and bottom-left edges and as a result, the disk tends to get hot very quickly.

Since there is no rubber layer at the bottom, there is no grip and the disk is very slippery and even a slight jerk can cause it to move so you might want to think twice before you put it near the edge of a table.

The disk has been crammed into a small cover which results in a very noticeable elliptical bulge at the bottom of the disk cover.

Bundled Software:

None.

Power Cables:

The best thing about the hard disk is that it allows you to use 3 different types of plugs with the power adapter. I find this very useful because even though I bought the WD MyBook Essential from a WD shop in India, it comes with a 110V adapter and I have to use it with a 110-220V converter every time to use it in India.

The Maxtor disk on the other hand has two 110V plugs and a 220V plug which means I don’t need a converter anymore.

Since it requires a mini-USB to USB cable which is easily available, you can even use your cell phone or mp3 player’s cable to use the hard disk.

Pros:

Very Cheap
Fairly silent
3 detachable plugs
Any mini-USB cable can be used
Fast Access Times
3 year Warranty

Cons:

Gets hot very quickly
Slippery surface
No bundled software

Final Word:

For its price, the Maxtor Basics 1TB is totally worth the price and doesn’t disappoint. It’s even smaller than most of the other 1TB hard disks. If you’re looking for a cheap solution to backup your music, photos and CDs, Maxtor Basics is your best bet.

You’ve probably come across Thumb Drive Viruses when you connect your thumb drive to a computer at work or at school.

These viruses copy themselves onto a thumb drive as soon as it is connected to an infected computer and the second they’re connected to any other computer, the virus spreads on that machine as well.

Since you may not be able to remove the virus from the infected computer (due to insufficient admin privileges, etc.), you can ensure that the virus on the thumb drive does not spread on another machine.

Suppose you’re not sure if your thumb drive is infected or not and wish to connect it to your computer without taking the risk of infecting it. To ensure that the virus does not start, Hold Shift and insert the thumb drive into the USB Port. This will prevent the AutoPlay function from being executed from the thumb drive, and hence does not start the virus when the thumb drive is inserted.

Now that you’ve connected your thumb drive, it’s time to check if it has a virus or not. Most Thumb drive viruses can be detected by using these 2 techniques:

1) Check Drive Icon:

Although the virus is an exe file, it uses the directory icon to fool users into clicking it. Though not all viruses do this, it’s still worthwhile to check if the icons have been changed.

This is what an uninfected thumb-drive looks like:

An infected thumb-drive looks like this:

Now, if you want to access the files in this pen-drive, DO NOT DOUBLE-CLICK THE THUMB-DRIVE ICON as it starts AutoPlay and will execute the virus program.

Instead, right-click the icon and choose Explore OR click the Folders icon on the menu bar and select the thumb drive from the left pane as shown below:

Now it’s time to find the viruses and remove them. If you look at your directory contents it will look like this:

You won’t see any viruses as they are hidden. What’s worse, since they are also marked as system files some anti-virus programs ignore virus scans on such files. This is the time to use the second technique.

2) The ATTRIB Test

Click Start->Run and type cmd and press Enter. Once you see the command prompt, type [USBDriveLetter]: and press Enter i.e. E: in this example.

Now type attrib and press Enter. The output should look like this:

You’ll notice a few files with the SHR File attributes in this window. One of these files will be autorun.inf, which instructs the OS which applications to run when the thumb drive is inserted. The other files will be .exe, .vbs or .pif files and are usually the viruses that you are looking for.

After you type this command for all the filenames set with SHR file attributes, type attrib again and observe the result:

Cool, now open Windows Explorer and you’ll notice that the viruses are now visible.

The next part is simple, choose all the viruses and delete them. You should also delete the autorun.inf file unless your thumb drive is made by SanDisk (SanDisk thumb drives depend on autorun.inf to start its own utility programs). If your thumb drive is manufactured by SanDisk, open the autorun.inf file and simply remove all lines that contain the virus filenames.

That’s all. Your Thumb Drive is no longer infected.

There’s something you should take care of though. Many Thumb Drive viruses make copies of themselves in every directory on the thumb drive. If that’s the case then you will have to perform the above steps for each folder or use attrib -s -h -r /s *.* to unset SHR attributes of all files in your thumb drive. You can then delete them individually.
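The manual ATTRIB check above can be automated once the drive has many folders. The following is an added example, not part of the original post: it reads saved `attrib /s` output together with the contents of autorun.inf and lists the files worth inspecting. The sample output, the file names and the function names are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Extensions the post names as typical for these files.
SUSPECT_EXTS = {".exe", ".vbs", ".pif"}
# autorun.inf keys that name a program to launch.
LAUNCH_KEYS = ("open", "shellexecute")

# attrib prints attribute letters in a padded column, then the full path.
ATTRIB_LINE = re.compile(r"^(?P<flags>[A-Z ]*?)(?P<path>[A-Za-z]:\\.*)$")

# Constructed sample of `attrib /s` output for drive E:
SAMPLE_ATTRIB = "\n".join([
    r"A  SHR       E:\autorun.inf",
    r"A  SHR       E:\svchelper.exe",
    r"A            E:\notes.txt",
    r"A  SHR       E:\photos\svchelper.exe",
    r"             E:\photos\trip.jpg",
])

# Constructed autorun.inf contents.
SAMPLE_AUTORUN = r"""
[autorun]
open=svchelper.exe
shell\open\command=svchelper.exe
shell\explore\command="svchelper.exe" -e
"""


def parse_attrib(output):
    """Return a list of (set_of_attribute_letters, path) per output line."""
    entries = []
    for line in output.splitlines():
        match = ATTRIB_LINE.match(line.rstrip())
        if match:
            flags = set(match.group("flags").replace(" ", ""))
            entries.append((flags, PureWindowsPath(match.group("path"))))
    return entries


def autorun_targets(inf_text):
    """Return lower-cased file names that autorun.inf asks Windows to run."""
    targets = set()
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "[")) or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        is_shell_cmd = key.startswith("shell\\") and key.endswith("\\command")
        if not value or not (key in LAUNCH_KEYS or is_shell_cmd):
            continue
        # Keep only the program, dropping any arguments after it.
        if value.startswith('"'):
            program = value[1:].split('"', 1)[0]
        else:
            program = value.split()[0]
        targets.add(PureWindowsPath(program).name.lower())
    return targets


def triage(attrib_output, inf_text=""):
    """Return [(path, [reasons])] for files that deserve a closer look."""
    launched = autorun_targets(inf_text)
    report = []
    for flags, path in parse_attrib(attrib_output):
        name = path.name.lower()
        reasons = []
        if name == "autorun.inf":
            reasons.append("autorun.inf present")
        if {"S", "H"} <= flags and path.suffix.lower() in SUSPECT_EXTS:
            reasons.append("hidden system executable")
        if name in launched:
            reasons.append("named in autorun.inf")
        if reasons:
            report.append((str(path), reasons))
    return report


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_ATTRIB, SAMPLE_AUTORUN):
        print(path, "->", ", ".join(reasons))
```

The script only reports; clearing the attributes and deleting the files is still done by hand as described above.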

To play it safe, instead of relying on pressing Shift every time you insert your thumb drive, it is wiser to disable autorun for all removable drives so that Autorun.inf is never executed when your thumb drive is inserted.

To do that in Windows XP, download a powertoy called TweakUI and disable autoplay for all removable devices as shown below:

Once that is done, you no longer have to press Shift to disable autorun every time you connect your thumb drive.

However, you will still need to use the attrib command to unset file attributes and delete the files manually.

You can also use Ninja PenDisk to do the same thing automatically but I suggest doing this on your own as Ninja Pendisk may not be able to detect and remove all viruses.

UPDATE:

Some “USB-Viruses” hide all directories on your thumb drive and replace them with exe files (i.e. the virus) having the same name.

When I first heard about Bolt Browser for J2ME mobile phones, I couldn’t wait to try it out and see how it compares to Opera Mini 4.2.

I’ve used WebKit based browsers such as TeaShark and the native Nokia S60 browser before and as far as rendering speed is concerned, these browsers take as much as 5 times the amount of time Opera Mini takes to render a page.

So it was interesting to test Bolt against Opera Mini and Webkit browsers.

Startup:

Bolt’s installation procedure is similar to Opera Mini’s but it takes a lot more time to start than Opera Mini.
Here’s what the startup screens look like:

Loading Screens

Start Screens

Both start-screens are alike, except that Opera Mini displays History, Bookmarks and Feeds vertically while Bolt displays it horizontally.

Rendering Performance:

Bolt’s Rendering accuracy is really good, however it does mess up a few images i.e. the colour of the images is a little different from the original.

Speed-wise, Bolt is a lot faster than Webkit based browsers but is slower than Opera Mini. Although Bitstream claims that it is faster than Opera Mini, I didn’t think so. It is fast, but not as fast as Opera Mini.

It’s interesting to note that Bolt works flawlessly with Bloglines while Opera Mini and Webkit browsers don’t work.

However, on many pages Bolt throws up errors almost every time.

Although errors like this can be resolved with a refresh, I encountered another error that announced that Bolt had an unrecoverable error and sent an error log to their server. I couldn’t take a screenshot as I couldn’t reproduce it again.

Data Reduction:

Although Bitstream claims that its data reduction ratio is 23:1, there’s really no way of verifying this as Bolt has no option to view web-page information. Opera Mini’s Page Information looks like this:

Features:

To be honest, Bolt’s features are basic at best. The only feature that is unique to Bolt and sets it apart from other browsers (including Opera Mini) is the Split-Screen feature.

In Split-screen mode the screen is horizontally divided into half. The top half has the zoomed-out view of a page while the bottom-half shows a full-zoomed area of the page around the cursor and it looks like this:

Other than this, Bolt doesn’t have much to brag about. Bolt’s Bookmark and RSS Feed Managers are similar to other browsers.

If the current webpage has a number somewhere, Bolt detects it and allows you to either call or send an SMS to that number. Opera Mini also detects numbers but only allows the user to call the number. Both browsers are terrible at recognizing phone numbers though: phone models (such as P230, N70, N95), addresses and version numbers are mistaken for telephone numbers.
Opera Mini on the other hand has Opera Link for bookmark synchronization, is skinnable, allows pages to be saved on phone or memory card, supports HTTP Authentication (Bolt doesn’t) and supports multiple search engines and even custom Search Strings like this:

Customization:

Again, a no-show. There are hardly any options to choose from.

That’s it. There are no more options in Bolt. Compare this with Opera Mini’s options:

Final Word:

For a browser in its beta stage, Bolt is pretty good and I expect the final version to be a little faster and more feature-rich. Even in its beta stage it’s better than most Webkit based browsers. However, it lacks many basic features (such as tabbed browsing, copy-pasting and page saves) and if the final version doesn’t include any new features, then there’s absolutely no way Bolt can be an Opera Mini killer. Bolt has the potential, but only time will tell.

I wanted to post this a few years back but I just didn’t have the time.

This is something really interesting and it seems that nobody else has come across this little secret.

Many members from dreamincode.net Forums asked me how I could make my signature show videos running in the background and I’ve finally found time to explain how.

This is what my Forum Signature looks like (or looked like when I was writing this post):

To see how this works, follow these steps:

Open your favourite media player and play any video file.

Ensure that the media player window is covering the image above.

Now, minimize the media player.

You should now see a portion of the video being played on the image as if the image itself were a media player.

Awesome, isn’t it?

I figured this out while I was experimenting with an application of mine which tried to modify Media Player Classic on-the-fly.

It seems that in Windows XP (might also be true for other Windows OSes and other OSes), video can only be displayed on a portion of the screen which is currently displaying a specific colour.

That specific colour is RGB(16,0,16).

Try it out for yourself. Create an image with a background colour of RGB(16,0,16) like this:

Now play any video over this image and minimize the video player. The video should now be visible on the image.

My guess as to why this works is that Windows (or other OSes) needs to be able to figure out where a video should be displayed when a media player requests playback. In my opinion, this has been intentionally included in the video playback design.

If the media player just provided co-ordinates of a rectangle to the OS for displaying the video, that would mean that if any other application was placed on top of the media player window, the video would be displayed over the application’s interface which would not allow the user to see the application’s user interface (forms, controls etc.)

Here’s what I think they did to fix the problem.

The principle behind this design could have been that “if a video could be displayed only within a rectangle that displayed only a specific colour, no overlapping application would be affected.”

But which colour would be best suitable for this purpose? Black is the first colour that comes to my mind for obvious reasons but black is a common colour and is used frequently in desktop wallpapers or in user interface elements.

Hence they chose a colour that’s technically not black but would look just like black, and so they must have come up with the colour RGB(16,0,16).

My reasoning probably isn’t correct but I’m pretty sure that the real reason is based somewhere along those lines.

I just find it ironic that something that behaves just like a green screen doesn’t even have a hint of green in its colour code (it’s 16,0,16 in RGB) 😉

As I’m still not sure if this works on other operating systems, I’d appreciate it if you could test this on your operating system and post the result as a comment to this post. Thanks.

A friend gave me his CD which had broken into two pieces and asked if I could fix it.

Looking at it I knew there was no way I could recover all the files correctly, but there was a possibility that some files could be recovered. So I took up the challenge.

The first thing that I wanted to do was to attach the CD using Pidilite’s FeviQuick but I didn’t have any so I used FeviCol instead to attach the two pieces together.

There were way too many scratches and the portion near the crack had vanished so I wasn’t too optimistic about the result. But I had way too much time on my hands so I thought I’d go all the way just to see what happens.

After an hour or two, the glue had hardened but the CD would still bend when lifted. I then used cellotape to ensure that the CD remained in one piece.

After the cellotape fix, I realized that I had spilt some of the Fevicol on the CD layer.

I used a combination of cologne and my mom’s nail polish remover to remove the glue and it even managed to remove a few scratches.

That’s it. The CD was firm, relatively clean and seemed ready for the Acid Test so I inserted it in my laptop’s CD drive.

Obviously with the amount of damage the disc had taken there was no way Windows would even detect it as a CD.

I used some of the free tools from here and I managed to recover a few text files, pictures and portions of a video.

You’ll probably have more luck with your recovery process if your CDs are in better condition. 😉